Remote Attestation Of Host-Based Defense Via Optical Channel

Traditionally, host-based defenses are limited to transmitting alerts and attestation data over a standard network or other communication channel. Unfortunately, these channels themselves and the network devices that forward traffic can be compromised by sophisticated attackers. Out-of-band communication channels are needed in order to have a final layer of defense that is resilient in the case of attackers compromising devices and the entire network infrastructure. In this paper, we present practical applications of utilizing existing device LEDs to transmit host-based defense attestation data to low cost sensors made of COTS components. We demonstrate these techniques multiple widely deployed embedded devices including a PLC module, a ruggedized switch, and an enterprise router. These example devices cover a variety of major embedded device instruction set architectures and operating systems providing evidence that this technique is scalable and practical.